Lately, I have run into some security problems due to vulnerabilities in plugins. For this reason, I want to have a restrictive permission scheme unless I wish to install a plugin or update WordPress.
When a WordPress site is only running and serving content, that is, it is not being updated and no plugin or theme is being installed, which files and directories need to be writable? Is it only the wp-content/uploads and wp-content/cache folders?
1 Answer
There is no definitive answer to this, but I'd like to share my 2 cents anyways.
In practice, many plugins write to custom folders in ./wp-content/. Just checking one client site I see 6 custom folders in there (e.g. from security, backup, caching plugins, etc.).
Some themes and plugins may even expect that they are able to write inside their own folder (inside ./wp-content/themes/foo/ or ./wp-content/plugins/bar/), so restricting file access within ./wp-content/ will usually lead to problems.
Depending on the project, I usually do a mix of the following:
- Have wp-config.php one level below the webroot. WordPress supports this out of the box and I consider it good practice to avoid accidental leakage of secure credentials.

  /var/www/
  |- wp-config.php
  /var/www/html/
  |- index.php
  |- wp-activate.php
  ...

- Make wp-config.php read-only. This way you avoid hacks that read the file, remove restrictive elements, and overwrite it.
- Set DISALLOW_FILE_EDIT (disallows editing via the editor in wp-admin) and DISALLOW_FILE_MODS (disallows any plugin/theme/core updates).
- Regularly scan your complete installation and compare against original files. (Most security plugins have features for this; beware that this might be resource-intensive, so you might want to automate it at night.)
- Force secure passwords and, if possible, even 2FA for all backend users. (Forcing it for admins is a start, but there are "privilege escalation" scenarios, so forcing it for all users that have backend access is usually best.)
- Use advanced setups like Roots' Bedrock. If you manage your dependencies (core, plugin, theme) via Composer, it is much easier to set up a new site. Bedrock also separates core from custom files better, so you can use more restrictive file access.
- Make related services internal. E.g. your DB and Redis do not need to be public, but should only be accessible by WP itself.
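As an added example (not code from the answer or from WordPress itself), a POSIX shell script that applies the first three points above: it inserts DISALLOW_FILE_EDIT and DISALLOW_FILE_MODS into wp-config.php ahead of the wp-settings.php require, makes that file read-only, and leaves only wp-content/uploads (plus a plugin's cache dir, if present) writable for the web server. It assumes a hypothetical layout where files belong to a deploy user, the web server is only in that user's group, and wp-config.php sits one level above the webroot.

```shell
#!/bin/sh
# Added example, not code from the answer above. Assumes files are owned by a
# deploy user, the web server only belongs to that user's group, and
# wp-config.php sits one directory above the webroot (as in the answer's tree).
set -eu
# Define DISALLOW_FILE_EDIT / DISALLOW_FILE_MODS before wp-settings.php is
# required (defines placed after that line are too late), then make the file
# readable only by its owner and the web-server group.
harden_wp_config() {
    cfg="$1"
    if ! grep -q 'DISALLOW_FILE_MODS' "$cfg"; then
        awk -v defs="define('DISALLOW_FILE_EDIT', true);\ndefine('DISALLOW_FILE_MODS', true);" '
            !done && /wp-settings\.php/ { print defs; done = 1 }
            { print }
            END { if (!done) print defs }' "$cfg" > "$cfg.tmp"
        mv "$cfg.tmp" "$cfg"
    fi
    chmod 0440 "$cfg"
}

# Core, plugins and themes become read-only for the web server; only uploads
# (and a plugin cache dir, if one exists) stay group-writable.
lock_down_tree() {
    root="$1"
    find "$root" -type d -exec chmod 0750 {} +
    find "$root" -type f -exec chmod 0640 {} +
    for dir in wp-content/uploads wp-content/cache; do
        if [ -d "$root/$dir" ]; then chmod -R g+w "$root/$dir"; fi
    done
}

# Octal mode of a path (GNU stat, falling back to BSD stat).
mode_of() { stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1"; }

# Constructed sample tree so the script can be dry-run: sh harden.sh --demo
make_sample_tree() {
    mkdir -p "$1/html/wp-content/uploads" "$1/html/wp-content/plugins/bar"
    printf '<?php\nrequire_once ABSPATH . "wp-settings.php";\n' > "$1/wp-config.php"
    : > "$1/html/index.php"; : > "$1/html/wp-content/plugins/bar/bar.php"
}

if [ "${1:-}" = "--demo" ]; then
    demo=$(mktemp -d)
    make_sample_tree "$demo"
    harden_wp_config "$demo/wp-config.php"
    lock_down_tree "$demo/html"
    printf 'wp-config.php=%s uploads=%s plugins/bar=%s\n' "$(mode_of "$demo/wp-config.php")" \
        "$(mode_of "$demo/html/wp-content/uploads")" "$(mode_of "$demo/html/wp-content/plugins/bar")"
fi
```

Re-run the script before an update window with the permissions relaxed, then again afterwards; harden_wp_config is idempotent, so repeated runs do not duplicate the defines.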
Comments
- wp-content/cache folder isn't a WordPress folder, it will be a custom folder from a plugin, you will need to ask the plugin vendor – Tom J Nowell ♦ Commented Jan 5, 2022 at 11:26
- DISALLOW_FILE_MODS with only read-permission on wp-config.php might already help a lot in this regard – kero Commented Jan 5, 2022 at 11:33